Code analysis with Jenkins and Clang scan-build

Clang scan-build is used for analyzing your project’s codebase as
part of performing a regular build. Once the codebase has been
analyzed and built you will be able to browse the scan-build report
by using a web browser.

Tested And Verified

Creating a Jenkins project for running scan-build reports

Jenkins provides a ready to use Clang Scan-Build
Plugin,
but the plugin itself is designed for building and analyzing of MacOS
and iOS XCode projects.

For that reason it makes no sense for us to use that plugin in our
project.

Instead we will simply generate the scan-build reports and make them
available through Jenkins by using the HTML Publisher
Plugin.

First we would need the HTML Publisher
Plugin
which will simply archive and make available our scan-build report,
so now navigate to Manage Jenkins -> Manage Plugins -> Available
and install the HTML Publisher
Plugin
if you don’t have it installed already.

Now, lets create our Jenkins project for running scan-build reports.

Navivate to New Job and give the new project a meaningful name. In
this example for the project name I will use the pkgng-scan-build
name as shown on the screenshot below.

Once the new project is created we need to configure it - project
description, SCM, number of builds to keep, etc.

Then we configure the Source Code Management section of the project.

The next section we configure is the Build Triggers one.

This is where we configure when a project is being scheduled for a
build. In the screenshot below we poll the remote Git repository once
a week and if there is a new change we schedule a build for it.

The scan-build Jenkins job will poll the remote Git repository once
every week at 20:30h at Sunday and if there’s a new change it will
schedule a build.

I choose to run scan-build reports once a week as they tend to be
quite resource consuming, especially if you run them on a slow
machine.

Now lets configure the build itself. This is where we define how the
scan-build reports are being generated. To do that we configure the
Build section of our project as shown in the screenshot below.

In order to add the build step click on the Add build step button
from the Build section of the project and select the Execute shell
option.

The Build section of the project is a simple shell script that takes
care of generating the scan-build report.

Below is listed the shell script used for building the scan-build
report.

The above script assumes that you have installed scan-build in
/usr/local/llvm/Release+Asserts/bin/scan-build. The report will be
archived in Jenkins workspace and proper exit codes will be returned.

The last thing we need to do is to publish our scan-build report
which we configure in the Post-build Actions section of our project.

To do that in the Post-build Actions section of your project click
on the Post-build action button and select Publish HTML
reports.

Then just fill in the fields - HTML directory to archive,
Index page[s], Report title and Keep past HTML reports.

The HTML directory to archive is the one that is being generated
during the scan-build run, which is determined from the build script
we’ve used in the Build section of our Jenkins project.

On the screenshot below you can see the values used in the different
fields for publishing the scan-build reports.

The Build section of the project is a simple shell script that takes

Once ready click on the Save button and do a test build of the
project. Once the project has been succesfully built you will be able
to access the scan-build reports of the project as shown in the
screenshot below.

And that was it. Now you have a Jenkins project that does continuous
analyzing of your project codebase using Clang
scan-build